theevilbit / Shield
An app to protect against process injection and suspicious file links on macOS
☆218Updated 3 years ago
Alternatives and similar repositories for Shield:
Users that are interested in Shield are comparing it to the libraries listed below
- File Monitor Library (based on Apple's new Endpoint Security Framework)☆339Updated 2 years ago
- Mapping XProtect's obfuscated malware family names to common industry names.☆84Updated 9 months ago
- A command line tool for pstree-like output on macOS with additional pid capturing capabilities☆250Updated 5 months ago
- A DNS Monitor, leveraging Apple's NEDNSProxyProvider/Network Extension Framework☆179Updated 5 months ago
- Process Monitor Library (based on Apple's new Endpoint Security Framework)☆441Updated last year
- Secure example of an XPC helper written in Swift☆103Updated 4 years ago
- And open-source version of % sfltool dumpbtm☆119Updated last year
- Scripts (python3 and Swift) for macOS to recursively check /Applications and also check /usr/local/bin, /usr/bin, and /usr/sbin for binar…☆93Updated 2 years ago
- Various scripts for macOS tasks☆122Updated 4 months ago
- Phorion Kronos is a macOS security tool designed to enhance Apple's Transparency Consent and Control (TCC) security and privacy mechanism…☆72Updated last year
- This is a work-in-progress command line tool for reversing run-only AppleScripts. It will help parse the output of applescript-disassembl…☆65Updated 4 years ago
- A user-mode application authorization system for MacOS written in Swift☆302Updated 4 years ago
- A module to expose the Endpoint Security library to Swift☆20Updated 5 years ago
- Scan your computer for applications that are either susceptible to dylib hijacking or have been hijacked.☆86Updated last year
- This is a complete Xcode project of the Endpoint Security Demo gist: https://gist.github.com/Omar-Ikram/8e6721d8e83a3da69b31d4c2612a68ba☆19Updated last month
- WhatsYourSign adds a menu item to Finder.app. Simply right-, or control-click on any file to display its cryptographic signing informatio…☆314Updated 2 weeks ago
- A simple run-only applescript disassembler☆117Updated 2 years ago
- Visually explore all running tasks (processes) ....viewing its signature status, loaded dylibs, open files, network connection, and much …☆91Updated 4 years ago
- example project, utilizing Proc Info library☆68Updated 4 years ago
- List of legitimate macOS apps doing not great things☆35Updated 3 years ago
- View all modules on that are loaded in the OS kernel☆69Updated last year
- process info/monitoring library for macOS☆418Updated 4 years ago
- Network Monitor☆327Updated 4 months ago
- macOS XProtect definition files☆40Updated 2 years ago
- Dotfiles and scripts to configure macOS the way I like it. Caveat emptor 😉🔥☆35Updated 3 weeks ago
- macOS application that makes use of the EndpointSecurity framework☆19Updated 5 years ago
- checks if an application is pristine (untampered) and from the official Mac App Store☆71Updated 4 years ago
- Parser for OSX/iOS FSEvents Logs☆242Updated 2 months ago
- Sample code for macOS Extensions Part 3☆24Updated 4 years ago
- Proof of concept MacOS post exploitation tool written in Swift. Designed as a POC for blue teams to build macOS detections. Author: Cedri…☆119Updated 4 years ago